If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Announcement

Collapse

No announcement yet.

General Howto: Tunnel PulseAudio and Synergy over SSH as well as share connections.

General Howto: Tunnel PulseAudio and Synergy over SSH as well as share connections.

08-24-2011, 02:58 AM

Now probably most people here have gotten to the point were they have more then one system at home or at work. Like they need Linux for development, but corporation makes them use Windows desktops for various reasons. Or they own a laptop or netbook in addition to their main desktop at home.

Something like that.

For those people they are probably aware of 'Synergy', which is a program designed to share keyboard and mice between multiple machines. http://synergy-foss.org/. Also if your using Desktop Linux you are probably using PulseAudio, which allows you to share a single output/input device between multiple machines.

Now Synergy has a major problem.... It just uses the network in plain text. That is everything you send between the machines you are using synergy on there is no encryption or anything like that. It assumes that you are using the machines on a secure network... which in reality sucks because there is very few secure networks that are commonly used.

I've been using Synergy with SSH for a while now. At work and at home. The idea of typing out all my passwords and such on a keyboard and mouse that is connected directly to the network with no encryption or anything is just too irritating to put up with.

Recently I've started using my laptop more as a desktop accessory for 2 extra displays and whatnot. So I want to play videos on the laptop, but the speakers are tiny and worn out. I don't want to get yet another stereo system on my desk when I already have one that works and sounds fine. So I now tunnel PA over SSH. That way I can use my desktop Microphone and output just naturally on my laptop.

I like it and it's not terribly easy to find documentation, so I figure I'd put it here and let Google sniff it up for anybody looking for this in the future.

Comment

Second thing to do is get PulseAudio's TCP support turned on. By default it listens to regular Unix Sockets. This is fast, but not something easily networkable. Other solutions I've seen use 'socat' to make the unix socket networkable-ish, but that stuff is irritating.

So on your main system ('spaceshipone') you want to turn on PA's TCP support, but configure it to just use localhost so people not on your computer cannot access your audio streams.

In "/etc/pulse/default.pa" look for the following lines:

Code:

### Network access (may be configured with paprefs, so leave this commented
### here if you plan to use paprefs)
#load-module module-esound-protocol-tcp
#load-module module-native-protocol-tcp
#load-module module-zeroconf-publish

So what that does is that it causes pulseaudio to listen on localhost and then disables authentication for anybody connecting on localhost. For single user machines this will be fine. Now go ahead and kill pulseaudio so it restarts with the new config:

Code:

$ killall pulseaudio

Go ahead and confirm that it's now listening:

Code:

$ netstat -lpntu|grep pulseaudio
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 127.0.0.1:4713 0.0.0.0:* LISTEN 7928/pulseaudio

On the secondary system (whitenight) go ahead and configure the pulseaudio clients to try to attach to localhost instead of starting a new pulseaudio daemon...

Create a new file "~/.pulse/client.conf"

Code:

$ echo 'default-server = 127.0.0.1 > ~/.pulse/client.conf

Now kill pulseaudio:

Code:

$ pulseaudio -k

Comment

Ok, now we configure SSH to enable to connections between the systems.

Now you can specify on a command line remote port forwarding and such, but it's fairly painful to type out. The easy way is just to take advantage of your ssh client configuration files and setup pre-configured connections.

I will also take advantage of 'ControlMaster' feature of OpenSSH. This allows you to share the same SSH connection between multiple sessions. That is if you 'ssh' into the machine multiple times it will not create a new SSH connection... it will just re-use the old one. ControlMaster is optional, but I find it convenient.

It's useful for things like; Speeding up remote command execution, making remote edit capabilities of Vim or Emacs work better, make a sort of Single-Sign on, and quite a few other things. Making new SSH connections has a lot of overhead and thus ControlMaster can speed up lots of operations, even if your using shared keys or something like that.

The bad things include... If ssh client dies unexpectedly then you will need to remove the socket file manually to get it working again. You cannot reconfigure a connection once it is established, so if you want to do things like enable X11-over-SSH you can only do that when you first make a connection. Large file transfers may cause blocking on the connection... since your using the same TCP connection for multiple things it may be a bottleneck for long operations.

See 'man ssh_config' for details, but a sample configuration would be:

The .local DNS names will be created automatically if your using Avahi/Bonjuor network configuration stuff. This is the default for Ubuntu, I think. For Fedora you have to install avahi and open up the network ports in your firewall to get it to work. Otherwise you can substitute your IP addresses or whatever. Just as long as everything is consistent so that ControlPath will always find the right files.

Now go ahead and create the connection and start synergyc on the remote system: